A recent paper published by Dean Sittig, a professor at the University of Texas School of Biomedical Informatics, and Dr. Hardeep Singh, the Chief of Veterans Affairs Health Policy, Quality and Informatics Program took a close look at the biggest challenges facing medical professionals when it comes to preventing a ransomware attack.

The pair acknowledged that it’s not always possible to stop these attacks from happening, but the right measures taken by staff before a malware infection happens can drastically reduce the damage done. There are four steps every practice should take to prepare for a worst case scenario:

1) Routine Data Backups and Consistent Software Updates

A consistent system-wide data backup and recovery plan is crucial. If lost or compromised data can’t be restored, your practice might not be able to survive a cyber attack. Ensuring that all of your software – not just your antivirus and antimalware programs – is up to date and all the latest patches have been installed is equally as important. These patches can close security gaps in applications your practice uses every day and prevent hackers from exploiting potential weaknesses. Adopting a whitelist policy is also recommended. A whitelist works by only allowing approved programs and applications to run on a system, and blocking everything else to stop potentially malicious code.

2) Proper Education and Training For All Staff

Your staff should be an asset to your security measures, not a liability. Ensure that all employees know how to use applications correctly and securely, and know how to spot phishing scams and other cybercriminal tactics. Training should involve simulated attacks, so that you can see firsthand how your staff will handle a crisis situation, and what your expected downtime will look like. Knowing ahead of time which applications will need to be restored first to allow for minimal disruption will make the recovery process smoother.

3) Constant, Comprehensive Monitoring

There should always be eyes on your systems and network, watching for any sign of suspicious activity. Your IT provider should be offering your practice around the clock monitoring and regular reports to avoid any unpleasant surprises. This goes back to the first step, ensuring all patches and updates are installed as they become available. If your security measures are maintained effectively, and potential vulnerabilities are fixed quickly, the risk of a malware infection can be reduced.

4) Learn From Your Past Mistakes

The reality is that at some point, your practice will fall victim to some form of cyber attack. Knowing how and why it happened will help you be better prepared in the future. Having professionals take a look at your network once the threat has been contained might be able to give you a clearer picture of what steps need to be taken to avoid ending up in the same situation again.

Preventing and preparing for a cyber attack should be a joint effort between your practice, and your IT service provider. Experienced IT professionals can offer you the tools and support you need to make the best of a bad situation. Knowing what to do when disaster strikes is every bit as vital as the precautions you take to stop a disaster from happening in the first place.

If you’d like more information on this topic, you can read the complete paper here.

Want to learn more about the steps you can take to protect your practice from ransomware? Contact us at info@onserve.ca or (613) 634-8125. We’re the trusted IT experts for practices in Kingston, Ottawa and Eastern Ontario.

Social Media

Don't neglect your technology solutions

OnServe is an IT Support and Computer Services company based in Kingston and Brockville Ontario. We provide services across Ontario. Cities we serve include Ottawa, Cornwall, Napanee, Belleville, Toronto, Oshawa, Mississauga, Oakville, Hamilton and the Niagara Region. We know what businesses need in order to run highly-effective organizations. Technology is a critical ingredient in your recipe for success.